I notice the ebuild points out there are no patches. Is that because there are no bugs noticed and fixed as yet? Doesn't PIE support require a patch?

Sorry for all the questions. I'm just in the process of building a web/email server using Gentoo SELinux Hardened, and I don't want to use GCC 3.x, I want to use GCC 4.x.

I looked at the peiworld overlay, but it seemed a little messy, it looked like you had to copy the distfiles and eclass file into the main tree before you could use it. Is this ebuild a viable alternative?

...and any idea why it has taken so long for GCC 4.x to appear in portage with hardened support??

For building gcc-4 w. hardened you first need to build a gcc-release without hardened-support (e.g. 4.2.0), then build the hardened one with -fPIC.

Thanks for the reply!

I have already built the server using the default 2007.0 profile, now I've changed profile to SELinux 2007.0 Hardened, and rebuilt glibc. Of course currently as part of the updates portage wants to downgrade GCC from 4.1.2 to 3.x, hence looking into an overlay type solution to keep with GCC 4.x.

So should I upgrade to GCC 4.2.0 non-hardened first, then convert to hardened GCC-4.2.3-r1? Or just go straight from 4.1.2 non-hardened to hardened GCC-4.2.3-r1?

Should I update anything other than glibc and libtool between GCC upgrades? (eventually I will emerge -e world when on the final GCC version).

I am unable to find the file gcc-4.2.0-piepatches-v9.0.7.tar.bz2, just gcc-4.2.0-piepatches-v9.0.3.tar.bz2, or gcc-4.1.1-piepatches-v9.0.7.tar.bz2
Please, could somebody give me a link?
Thank you!

Later: Never mind. Just a problem with rapidshare due to dansguardian. Sorry.
_________________
Sorry for my English. I'm still learning this language.

They need time to ensure that all of the high usage apps aren't broken by it, time to make sure it doesn't create new sandbox issues, time to ensure that new "fixes" don't break current workarounds and require new workarounds, time to check all the packages with and without compiler version specific patches still compile.

The compiler is one of the most core parts of the system. If it breaks stuff, I want them to find out before it's released, not after.
_________________
My emerge --info
Have you run revdep-rebuild lately? It's in gentoolkit and it's worth a shot if things don't work well.
Celebrating 5 years of Gentoo-ing.

Hey you fools! Just update it in the tree right now!
I don't care if it breaks or if you would just need one or two more days of testing to ensure that the forums will not get flooded by people with broken toolchains!
I want it right now!!!!111one

</irony>

I know that you are aware of the new release and that you probably will do a version bump. So I am going to wait patiently till you do so. Keep up your great work.

@everyone who can't wait:
Just rename the gcc-4.2.2 ebuild. But don't complain if something does not work...
_________________
Ideas are bulletproof

I would have expected to have an entry for just hardened with both pie and ssp support, but it seems if I want hardened I'm forced to use "no pie and ssp" or just "no pie". Shouldn't there be an option like: